4 matches found
Unintended Scope Exposure
SES is vulnerable to unintended scope exposure. The vulnerability is due to improper isolation due to top-level let, const, or class bindings in...
CVE-2025-32792 ses's global contour bindings leak into Compartment lexical scope
SES safely executes third-party JavaScript 'strict' mode programs in compartments that have no excess authority in their global scope. Prior to version 1.12.0, web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that hav...
CVE-2025-32792 ses's global contour bindings leak into Compartment lexical scope
SES safely executes third-party JavaScript 'strict' mode programs in compartments that have no excess authority in their global scope. Prior to version 1.12.0, web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that hav...
npm SES 安全漏洞
npm SES is a library from the US company npm. A security vulnerability exists in npm SES versions prior to 1.12.0 that stems from third-party code that may access top-level bindings...